In-The-Wild & Disclosed CVEs

Windows Error Reporting (WER) incorrectly handles certain files and, when exploited, could lead to the execution of code in kernel mode, providing full administrative control over the system. It is reported that this vulnerability is currently being exploited in the wild.

An attacker calling an Android Phone with Skype for Android installed and paired with a Bluetooth device could listen in on the phone user’s conversation without the user’s knowledge. Changes have been made to how Skype for Android answers incoming phone calls. Note: Due to the platform involved, ASPL will not include coverage for this vulnerability.